Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa
File:                     56d828bf-81fa-4253-8691-f9c277ca84ba.roa (raw, json)
Hash identifier:          +RZkpc2Yv/Kqad8/GHm8zNZyq3KPuKZVun87tqxLTpY=
Subject key identifier:   54:46:F6:CF:B2:07:42:C2:E8:FB:82:EF:66:D1:2B:A6:D0:B5:A1:0A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3D5BDF2192CF30B7A97C4146313F64BE8AC6A80F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa
Signing time:             Tue 01 Apr 2025 00:20:07 +0000
ROA not before:           Tue 01 Apr 2025 00:20:07 +0000
ROA not after:            Tue 06 May 2025 23:59:59 +0000
asID:                     6167
IP address blocks:        155.146.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:5b:df:21:92:cf:30:b7:a9:7c:41:46:31:3f:64:be:8a:c6:a8:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr  1 00:20:07 2025 GMT
            Not After : May  6 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3b:37:b6:d8:6c:f6:b2:88:0e:cd:ad:98:4d:
                    e3:72:19:d7:f4:7b:92:e4:bf:e3:61:72:57:be:ab:
                    2d:90:4c:17:ee:43:6c:89:95:40:d5:d6:03:08:35:
                    b7:85:34:fa:ea:b4:9e:56:98:f9:78:8a:a0:31:e0:
                    e3:35:47:cf:46:38:72:39:cd:38:8d:a3:fc:48:04:
                    19:22:12:d2:6f:f1:2a:7b:19:5c:12:fa:a5:a5:9c:
                    08:b6:85:65:d8:d3:78:9b:c6:b5:67:28:34:ee:7e:
                    f3:34:83:c9:34:b3:a6:0f:38:0d:78:27:2f:10:63:
                    f4:22:f6:90:a2:96:5f:d5:3c:3c:8e:7d:29:05:60:
                    84:8e:ec:19:72:64:55:bf:dc:8e:81:6c:98:c4:0a:
                    ac:3d:a6:9a:97:ec:ef:9d:1d:6c:af:af:bc:01:ba:
                    c8:c2:7f:22:95:e7:d1:70:a5:09:2b:95:79:38:58:
                    6b:66:0d:cc:13:80:f3:ed:cf:3a:c0:aa:6f:b8:de:
                    8d:27:70:0c:59:f2:b8:1e:98:19:04:75:1e:6a:d6:
                    26:1c:1e:33:4d:29:53:c2:a5:5d:92:80:b7:09:f3:
                    c5:e4:45:26:01:85:62:0b:3b:c9:f3:da:c8:b8:76:
                    44:1c:0a:88:92:57:a1:24:b6:82:0d:db:a2:9d:cd:
                    68:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:46:F6:CF:B2:07:42:C2:E8:FB:82:EF:66:D1:2B:A6:D0:B5:A1:0A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         09:f5:3d:96:fa:07:c6:8d:4a:02:1c:70:96:29:36:eb:1f:7d:
         10:78:12:53:6e:d9:34:37:64:80:a8:b2:25:87:f3:cd:11:85:
         5d:d4:32:83:f1:21:f3:0d:81:de:01:0b:d6:01:7a:36:da:1a:
         c3:a7:ab:b2:ff:bd:8d:a6:90:fb:4f:f5:42:57:a6:c7:73:cb:
         13:38:1a:e3:ef:21:f5:28:04:78:af:a2:70:46:50:19:49:5b:
         01:16:c9:17:d9:c8:ca:dc:3e:8d:bc:b3:0c:54:40:ab:f1:87:
         28:c3:cc:74:da:e3:80:49:a2:73:1e:68:11:d1:33:62:01:d1:
         2f:b9:09:73:2d:71:a8:a1:0e:a7:95:80:a4:b1:0b:d9:d2:f5:
         a5:7c:4a:05:56:ab:64:68:bc:35:01:1d:b3:39:27:0f:99:70:
         ce:7f:8e:85:b1:c5:60:3e:52:7d:a5:08:67:d8:e9:5b:dc:5c:
         84:99:68:70:6e:80:86:ca:5c:a1:bd:f0:40:fd:6d:0a:0b:6d:
         57:53:de:ed:94:98:1e:35:4a:7f:81:06:be:10:a5:d8:3b:ed:
         0b:8a:7f:97:bf:00:c8:25:7d:c7:e9:07:2a:b3:33:c8:fa:00:
         36:cc:cf:e4:e2:2c:f2:fe:a9:6c:0a:03:ae:3a:b3:45:b0:ee:
         48:f8:94:85
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPVvfIZLPMLepfEFGMT9kvorGqA8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDAxMDAyMDA3WhcNMjUwNTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTg4YmVhMGNjYzRjZjI5Y2YxYTdlMjBjZjk4ZDBjZmI3
NTdiZmFlNWFkMjI3MzgwMjRiYzQxNjVhZGVjYzljMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3Oze22Gz2sogOza2YTeNyGdf0e5Lkv+Nhcle+qy2QTBfu
Q2yJlUDV1gMINbeFNPrqtJ5WmPl4iqAx4OM1R89GOHI5zTiNo/xIBBkiEtJv8Sp7
GVwS+qWlnAi2hWXY03ibxrVnKDTufvM0g8k0s6YPOA14Jy8QY/Qi9pCill/VPDyO
fSkFYISO7BlyZFW/3I6BbJjECqw9ppqX7O+dHWyvr7wBusjCfyKV59FwpQkrlXk4
WGtmDcwTgPPtzzrAqm+43o0ncAxZ8rgemBkEdR5q1iYcHjNNKVPCpV2SgLcJ88Xk
RSYBhWILO8nz2si4dkQcCoiSV6EktoIN26KdzWgFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUVEb2z7IHQsLo+4LvZtErptC1oQowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU2ZDgyOGJmLTgxZmEtNDI1My04NjkxLWY5YzI3N2NhODRiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCbkjANBgkqhkiG9w0BAQsFAAOCAQEACfU9lvoHxo1KAhxwlik26x99EHgS
U27ZNDdkgKiyJYfzzRGFXdQyg/Eh8w2B3gEL1gF6Ntoaw6ersv+9jaaQ+0/1Qlem
x3PLEzga4+8h9SgEeK+icEZQGUlbARbJF9nIytw+jbyzDFRAq/GHKMPMdNrjgEmi
cx5oEdEzYgHRL7kJcy1xqKEOp5WApLEL2dL1pXxKBVarZGi8NQEdszknD5lwzn+O
hbHFYD5SfaUIZ9jpW9xchJlocG6Ahspcob3wQP1tCgttV1Pe7ZSYHjVKf4EGvhCl
2DvtC4p/l78AyCV9x+kHKrMzyPoANszP5OIs8v6pbAoDrjqzRbDuSPiUhQ==
-----END CERTIFICATE-----